EasyManuals Logo

HP 5920 Series Configuration Guide

HP 5920 Series
424 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #163 background imageLoading...
Page #163 background image
152
A blocked MAC address is restored to normal state after being blocked for 3 minutes. The interval
is fixed and cannot be changed.
• disableport—Disables the port until you bring it up manually.
• disableport-temporarily—Disables the port for a specific period of time. The period can be
configured with the port-security timer disableport command.
To configure the intrusion protection feature:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter Layer 2 Ethernet
interface view.
interface interface-type
interface-number
N/A
3. Configure the intrusion
protection feature.
port-security intrusion-mode
{ blockmac | disableport |
disableport-temporarily }
By default, intrusion protection is
disabled.
4. Return to system view.
quit N/A
5. (Optional.) Set the silence
timeout period during which a
port remains disabled.
port-security timer disableport
time-value
By default, the port silence timeout
is 20 seconds.
NOTE:
On a port operating in either macAddressElseUserLoginSecure mode or
macAddressElseUserLoginSecureExt mode, intrusion protection is triggered only after both MAC
authentication and 802.1X authentication fail for the same frame.
Configuring secure MAC addresses
Secure MAC addresses are configured or learned in autoLearn mode. If they are saved, they can survive
a device reboot. You can bind a secure MAC address to only one port in a VLAN.
Secure MAC addresses include static and sticky secure MAC addresses.
Table 6 A comparison of static and sticky secure MAC addresses
Type Address sources Aging mechanism
Can be saved and
survive a device
reboot?
Static Manually added
Not available.
They never age out unless you manually remove
them, change the port security mode, or disable
the port security feature.
Yes.
Sticky
Manually added or
automatically learned
by ports
Sticky MAC addresses by default do not age
out, but you can configure an aging timer to
delete old sticky MAC addresses. If you set the
aging timer to 0, sticky MAC addresses never
age out.
Yes.
The aging timer restarts
at a reboot.

Table of Contents

Other manuals for HP 5920 Series

Preview: Command Reference
Command Reference607 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide215 pages
Preview: Installation Guide
Installation Guide63 pages
Preview: Troubleshooting Guide
Troubleshooting Guide52 pages
Preview: Fc And Fcoe Configuration Guide
Fc And Fcoe Configuration Guide257 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual58 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5920 Series and is the answer not in the manual?

HP 5920 Series Specifications

General IconGeneral
BrandHP
Model5920 Series
CategorySwitch
LanguageEnglish

Related product manuals